FISMA Analyst -Secret - Arlington, Va

Location: Arlington, VA
Date Posted: 08-02-2017
A key client of ours is the Prime on a new 5 year Cyber Program supporting the DHS.
All positions will be out of company headquarters on Wilson Blvd in Clarendon, Va.  
We have a need for several FISMA analysts, as well IA Governance professionals (ranging from mid level to senior). 
These are full-time W2 positions as an employee with full benefits (no 3rd parties or 1099s).
It requires the ability to get a Secret clearance is required (if you already have a clearance that is greatand we can hold higher clearances -up to TS/SSBI).

[The description below is for a FISMA analyst, but other  roles also exist so please do send in your resume if you are in the Risk Management field]

About the Role:

As a FISMA Analyst, you will support the FISMA compliance Security Authorization services of a Federal client. This support includes: General FISMA Support, Security Authorization Process (SAP) and Ongoing Authorization (OA) artifacts, Ongoing Authorization, Plan of Action and Milestones (POA&Ms) and waivers/exceptions. The candidate shall ensure that all IT solutions, products and services destined for operational and meet the Agency’s technical standards and protocols and perform to defined design, cost, and schedule requirements, as well as performance capabilities.

Responsibilities:

  • Provide continuous Waiver, Exception, and Accepted Risk oversight and management support for all Agency's systems and applications.
  • Assist with the assessment, creation, closure, and management of all WEAR documents.
  • Manage the approval process for waivers by forwarding all waivers to DHS after all applicable Agency approvals are obtained by ISD.
  • Forward all DHS approvals, approvals with modification, and rejection notices to ISSOs and system owners.
  • Maintain a historical database of all waivers and accepted risks and provide reports from this database monthly or as required by the Federal Government.
  • Ensure WEAR and other SAP information is created and updated within all Client security information repositories (currently XACTA and ECN).
  • Ensure that WEAR documents are created for POA&Ms and approved by ISD no less than 60 days prior to POA&M expiration. Escalate all issues relating to POA&Ms to the Agency Federal PM.
  • Provide reporting on POA&M remediation for all systems upon request by the Federal Government.

 

Required Qualifications:

  • 5-15 years or more experience in information security, risk management, or related discipline.
  • Associates or Bachelor’s degree (if no degree, 2 additional years’ experience is desired).
  • At least one active certification such as Security+, CASP, GSEC, GSLC, CISSP, CEH, CISM, and CISA.
  • U.S. citizenship required, active DHS/Secret clearance a plus.
  • Experience performing independent compliance reviews, tracking, and continuous monitoring of newly submitted security authorization packages.
  • Advise and assist with all stages of the NIST Risk Management Framework as applied to system security.
  • Conduct risk assessments related to waivers and exceptions.
  • Work closely with developers to identify the appropriate security controls.
  • Proactively inform system owners and other stakeholders of any risks to their systems, or major upcoming milestones.
  • Keep abreast of security vulnerabilities and new threats for applicability to assigned systems; develop remediation plans as needed.
  • Manage corrective action plans for the system and track progress.
  • Assist with developing materials for briefing authorization package status to senior agency officials during security authorization activities.
  • Strong Communication skills, verbal and written.
 
Please send a current resume indicating salary requirements.
These are full time positions with full benefits as an employee (no 3rd parties or C2C please).
Please also provide a good daytime phone number that i may reach you on. 

Sincerely,
 
or
this job portal is powered by CATS